cryptmount

File Release Notes and Changelog

Release Name: cryptmount-2.2

Notes:
		    Release notes for cryptmount-2.2

		 	   RW Penney, 19th January 2008

Introduction
============
cryptmount is a utility for GNU/Linux operating systems which allows
an ordinary user to mount an encrypted filing system without requiring
superuser privileges, and which assists the system-administrator in
creating and managing encrypted filesystems & swap-partitions.

cryptmount was written to address differences between the capabilities of
the loopback device of the 2.4/2.6 kernel series and the newer, preferred,
device-mapper mechanisms of the 2.6 kernel series. cryptmount automatically
performs the various stages of configuring any supporting loopback
and device-mapper targets needed to access an encrypted filing system
before actually mounting it, but without requiring the user to be
explicitly granted root privileges through either knowing the root password
or through tools such as sudo. Filesystems managed by cryptmount can also
be designated so that only the superuser can (un)mount them.

By allowing user-level, on-demand, mounting of encrypted filing systems,
cryptmount allows filesystems that are only used intermittently to be
left in a more secure state than if they have to be made available by
the system administrator whenever the system is booted.
cryptmount also provides an aid to the system manager in allowing easier
control over the configuration and mounting of encrypted filesystems,
especially within system start-up scripts.


Summary of new features in cryptmount-2.2
=========================================

This (stable) release focuses on code-tidying and usability improvements:

  * Support for reading passwords from streams,
    to allow integration with scripts or GUI wrappers

  * Prioritization of libgcrypt (with OpenSSL compatibility layer) over libssl
    for access-key security

It has been tested on the following systems:

  * Debian GNU/Linux 4.0 ("etch") (x86, amd64)

  * Debian GNU/Linux 3.1 ("sarge") (x86)
  
  * FedoraCore-7 (x86)

  * FedoraCore-5 (x86)

  * OpenSuSE Linux 10.2 OSS (x86)

  * Ubuntu 7.10 ("gutsy gibbon") (x86)


Summary of new features in cryptmount-2.1
=========================================

This (stable) release focuses on extended functionality and consolidation:

  * Setup script added for basic configuration of new encrypted filesystems

  * Support for OpenSSL key-files via the libgcrypt library

  * Facilities for translating between access-keys stored in different formats

  * Improved handling of system shutdown while loopback filesystems are active

It has been tested on the following systems:

  * Debian GNU/Linux 4.0 ("etch") (x86, amd64)

  * Debian GNU/Linux 3.1 ("sarge") (x86)
  
  * FedoraCore-7 (x86)

  * FedoraCore-5 (x86)

  * OpenSuSE Linux 10.2 OSS (x86)

  * Ubuntu 7.04 ("feisty fawn") (x86)
  	(may need 'modprobe dm-crypt' and creation of extra /dev/loop? nodes)


Summary of new features in cryptmount-2.0
=========================================

This (stable) release focuses on extended functionality and improved internal structure, including:

  * Built-in key management based on SHA1 + Blowfish crypto-algorithms,
    which can be used when OpenSSL or libgcrypt are not available
    (e.g. during system boot-up, or if not installed at all)

  * OpenSSL & libgcrypt key-management now available through
    dynamically loadable modules

  * Improved support for very large (64bit) filing systems

  * Improved support for setup of encrypted devices at system boot

  * Various improvements to error-trapping and portability

It has been tested on the following systems:

  * Debian GNU/Linux 4.0 ("etch") (x86, amd64)
  
  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)
  
  * OpenSuSE Linux 10.2 OSS (x86)

  * FedoraCore-5 (x86)


Summary of new features in cryptmount-1.2
=========================================

This (stable) release focuses on extensions in functionality, including:

  * support for reading configuration data via the command-line

  * support for priority-setting on crypto-swap

  * improved robustness to pathological (un)mount operations

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)
  
  * Ubuntu 6.06.1 ("dapper drake") (x86)
  	(may need patching of 'dd' and creation of extra /dev/loop? nodes)

  * SuSE Linux 10.0 OSS (x86)

  * Mandriva Linux 2005 (x86)

  * FedoraCore-5 (x86)

  * FedoraCore-4 (x86)


Summary of new features in cryptmount-1.1
=========================================

This (stable) release focuses on extensions in functionality, including:

  * support for encrypted swap partitions

  * multiple formats for key-files, currently either OpenSSL or libgcrypt

  * addition of a script for mounting filesystems/swap partitions at boot

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * SuSE Linux 10.0 OSS (x86)

  * Mandriva Linux 2005 (x86)

  * FedoraCore-5 (x86)

  * FedoraCore-4 (x86)


Summary of new features in cryptmount-1.0
=========================================

This (stable) release focuses on extensions in robustness, user-friendliness
and internationalization, including:

  * addition of options for changing the access password for each target

  * addition of mechanisms for generating
    random decryption keys for new filesystems

  * addition of compile-time option for responding to invocation via
    linked executables named "cryptumount", "cryptunmount" etc.

  * added support for GNU gettext, including French translations of
    manual pages and common messages

  * improved mechanisms for preventing unauthorized unmounting of filesystems

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * SuSE Linux 10.0 OSS (x86)

  * Mandriva Linux 2005 (x86)

  * FedoraCore-4 (x86) (may need extra configuration of
            security policies governing losetup, mke2fs etc)


Summary of new features in cryptmount-0.4
=========================================

This (beta) release focuses on extensions in functionality and robustness,
including:

  * addition of switches allowing filesystem mounting to be restricted
    only to superuser

  * addition of automatic filesystem checking (via fsck) prior to mounting

  * compile-time choice between in-built mount, or /bin/mount etc

  * addition of facility for unencrypted filesystem key
    (e.g. stored on removable device such as a USB key)

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * FedoraCore-4 (x86) (may need extra configuration of
            security policies governing losetup, mke2fs etc)

  * Mandriva Linux 2005 (x86)

  * SuSE Linux 10.0 OSS (x86)


Summary of new features in cryptmount-0.3
=========================================

This (beta) release focuses on extensions in functionality and robustness,
including:

  * addition of '--all' command-line option, for example to allow easier
    unmounting of all encrypted filing systems via 'cryptmount --unmount --all'

  * multiple targets can be specified on the command-line, for example
    for mounting multiple filing systems at the same time

  * support for loopback filing systems >2GB has been improved

  * all mounting/unmounting activity is now recorded via syslog

  * security checks on the configuration file have been extended

  * improved documentation of password-changing & fsck tasks

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * FedoraCore-4 (x86) (may need extra configuration of
            security policies governing losetup, mke2fs etc)

  * Mandriva Linux 2005 (x86)

  * SuSE Linux 10.0 OSS (x86)


Summary of new features in cryptmount-0.2
=========================================

This (beta) release focuses on extensions in functionality, including:

  * addition of optional configuration-file parameters for selecting
    a subset of blocks within a device for hosting the filing system

  * addition of optional configuration-file parameter for selecting
    a particular loopback device rather than having one chosen automatically

  * addition of optional cipher-IV parameter to configuration-file

  * improved detection of errors in the configuration-file

  * basic security checks performed on configuration-file and
    target-description before any privileged action is taken

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * FedoraCore-4 (x86) (may need extra configuration of
            security policies governing losetup, mke2fs etc)

  * Mandriva Linux 2005 (x86)

  * SuSE Linux 10.0 OSS (x86)


Summary of new features in cryptmount-0.1
=========================================

This (beta) release focuses on improvements in robustness, portability
and documentation, including:

  * improved support for systems with glibc built against kernel-2.4 headers
  
  * addition of mechanisms for updating /etc/mtab on (un)mounting filing
    systems, so that programs such as df can operate normally on filesystems
    controlled by cryptmount

  * clearer examples on usage within README & the cryptmount man-page
    (avoiding ambiguities about whether 'aes256', rather than 'aes',
    is a valid kernel-module name)

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * FedoraCore-4 (x86) (may need extra configuration of
            security policies governing losetup, mke2fs etc)

  * Mandriva Linux 2005 (x86)

  * SuSE Linux 10.0 OSS (x86)


Summary of new features in cryptmount-0.0.3
===========================================

This (alpha) release further improves robustness and portability, including:

  * a bug which restricted protection of cipher-key to the Blowfish and
    md5 algorithms has been fixed, thereby allowing any cipher/hash
    supported by the openssl library to be used

  * differences in behaviour of libdevmapper which may or may not create
    device-nodes below /dev/mapper, have been allowed for

  * an automatic testing script has been written

  * improved detection of failure to decrypt the cipher-key has been added

It has been tested on the following systems:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)

  * SuSE Linux 10.0 OSS (x86)


Summary of new features in cryptmount-0.0.2
===========================================

This (alpha) release of cryptmount improves general robustness and documentation as follows:

  * a basic manual-page has been written
  
  * a locking mechanism has been added, to ensure that only the
    (non-root) user that mounted a filing system can unmount it

  * tidying-up of devices occurs if mounting fails

It has been tested on the following system:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)


Summary of features in cryptmount-0.0.1
=======================================

This initial (pre-alpha) release of cryptmount offers the following features:

  * support for all encryption algorithms supported by the kernel

  * encryption of cipher-key by Blowfish algorithm & md5 message-digest

It has been tested on the following system:

  * Debian GNU/Linux 3.1 ("sarge") (x86, kernel-2.6)


Acknowledgements
================
The author gratefully recognizes the assistance of being able to refer
to the source-code for the following packages:
    openssl-0.9.8 (specifically apps/enc.c, by Eric Young)
    devicemapper-1.01.05 (by Sistina UK)
    utillinux-2.12q (specifically mount/lomount.c)
Although no code has been directly copied from any of these or other packages
in writing cryptmount, certain similarities of structure cannot be avoided
in some areas.

Thanks are also due to the following people who have been
very helpful in testing cryptmount:
    Holger Müller	(RH spec-file, Makefile.in patches, LARGEFILE testing)
    Levente Farkas	(patches to RH spec-file)
    Sebastian Rasmussen	(patches for readonly loopback devices)
    Laszlo Boszormenyi	(debian-specific packaging)
    Baruch Even		(patches for man-pages)
    Erich Schubert	(patches to initscript)
    Rennie deGraaf	(tracing pathname canonicalization issues)
    Dan O'Huiginn	(patch for Debian examples directory)
    Carl Banks		(idea behind --safetynet option)

# $Revision: 190 $, $Date: 2008-01-20 18:05:54 +0000 (Sun, 20 Jan 2008) $


Changes:

ChangeLog for cryptmount

20Jan08 - *** cryptmount-2.2 released
20Jan08 - enhanced error-trapping on loop-device setup failure
18Jan08 - added further explanation of device-mapper error messages to README
20Dec07 - updated French translations
14Dec07 - *** cryptmount-2.2beta1 released
09Dec07 - removed (spurious) restriction of '--passwd-fd' option to root only
08Dec07 - altered relative priority of libgcrypt & openssl in configure script
07Dec07 - refactored command-line password reading into km_get_passwd()
          wired-together reading of passwords from file-descriptor
25Nov07 - tidied various whitespace anomalies
04Nov07 - added lintian-override file to quieten complaints about setuid binary
27Oct07 - changed OpenSSL key-manager to use internal password dialogue function
          added posix-compliant version of getpass() when termios.h is available
06Oct07 - improved memory-cleanup within gcrypt key-extraction
05Oct07 - patched module-installation to give better control over strip/no-strip
          adjusted key-manager def'ns to prepare for reading passwds via streams
05Aug07 - refactored cleanup mechanisms in 'mudslinger' testing script
04Aug07 - *** cryptmount-2.1 released
04Aug07 - split /etc/init.d script into separate early & normal phases
          added basic man-page for cryptmount-setup
17Jul07 - *** branch-2.1 forked from trunk
15Jul07 - added notices about migration plans for avoiding OpenSSL library
          added 'reuse-key' option
14Jul07 - add OpenSSL-compatible key reading/writing via libgcrypt
          extended tests for cipher/digest name-mapping in armour-gcry.c
          added unit-test for extraction of OpenSSL keys via libgcrypt
          extended automatic cipher/digest name-mapping in armour-gcry.c
13Jul07 - reorganized libgcrypt key/iv-init to allow OpenSSL-compatible algo
12Jul07 - adjusted add_keymgr() to allow adding pre-built lists of key-managers
30May07 - extended commentary messaging in auto-setup script
28May07 - added beginning of auto-setup script
06May07 - added basic '--safetynet' option
04May07 - added precautionary modprobe for dm-mod to /etc/init.d startup script
29Apr07 - patched BLKGETSIZE test to cope better with block-size != 512bytes
          added comments in documentation about bad keysizes
          added explicit casting on converting uint32 to uchar
          updated to autoconf-1.9.6 & gettext-0.16.1
18Apr07 - added more return-code checks in password-changing
10Apr07 - *** cryptmount-2.0 released
02Apr07 - updated French manual pages
29Mar07 - added extra checks for fwrite()-success on key-generation
27Mar07 - widened use of size_t, to improve 64bit-cleanliness
24Mar07 - added 'splint' target to Makefile
          patched various type imperfections identified by 'splint'
19Mar07 - added basic security check on key-manager module directory
18Mar07 - extended README discussion of configuration at boot
15Mar07 - patched unsigned/size_t conflict in km_aug_key()
12Mar07 - *** cryptmount-2.0beta1 released
10Mar07 - reduced dependency of mudslinger testing-script on OpenSSL support
          adjusted configure.ac to use OpenSSL & libgcrypt by default if available
07Mar07 - made random-key generation less excessively greedy for entropy
06Mar07 - neatened internal special cases for unencrypted (raw) keys
04Mar07 - re-prioritized keymanagers to make builtin-type default for new keys
          added '--key-managers' option for listing available crypto engines
03Mar07 - increased security of memory management in armour-gcry key-extraction
01Mar07 - extracted armour-grcy key augmentation/checksum routines into utils.c
27Feb07 - added beginnings of built-in sha1/blowfish key-manager mechanisms
          added unit-test for internal Blowfish algorithm
25Feb07 - added unit-test for internal SHA1 algorithm
          added implementation of Blowfish algorithm
          (from http://www.schneier.com/code/bfsh-sch.zip
          (declared as "public domain"))
24Feb07 - extracted various armour/tables functions into new utils.{h,c}
          added basic implementation of SHA1 message-digest
          replaced crude raw-keymanager hashing algorithm with SHA1
23Feb07 - added basic support for dynamically loadable keymanager modules
19Feb07 - extracted OpenSSL & libgcrypt routines into separate armour-*.c files
          adjusted key-manager list-mechanisms to prepare for loadable modules
17Feb07 - added support for 'early' setup of cryptmount devices on system boot
13Feb07 - improved cleanup on test-failure in testing script
11Feb07 - improved configure.ac tests for libdevmapper components
10Feb07 - added randomized time-delay to config-file locking mechanisms
28Jan07 - added outline description of boot-time mounting/swap-on to README
26Jan07 - added new getblkcount() method for 32/64 bit filesystem block-count
          added unit-test for relationship between BLKGETSIZE64 & BLKGETSIZE
25Jan07 - changed block-start/length & iv-offset to int64 type
          to support v.large filesystems
05Nov06 - automated translation of install-paths in debian setup
15Oct06 - *** cryptmount-1.2 released
15Oct06 - added debian/* entries to default distribution
10Oct06 - augmented initscript to automatically include pathname of executable
05Oct06 - adjusted is_mounted() to use device-IDs rather than pathnames
01Oct06 - enhanced checking for missing command-line parameters
30Sep06 - added support for reading config-info from command-line via stream
          added separate unit-test for locks on privileged operations
02Sep06 - added support for 'pri=' flag in fsoptions for crypto-swap
          patched is_mounted() to mitigate pathname canonicalization in /etc/mtab
          added tests for pathname oddities in testing script
29Aug06 - incorporated Erich Schubert's patch for posix-compliant init script
14Aug06 - *** cryptmount-1.1 released
06Aug06 - added /etc/init.d script for setting up swap/filesystems at boot-up
30Jul06 - added '--enable-swap' option to configure.ac for crypto-swap
17Jul06 - *** cryptmount-1.1_beta released
16Jul06 - added support for encrypted swap partitions via '--swapon' option
08Jul06 - incorporated Baruch Even's '\-' patches into man-pages
30Jun06 - added unit-test for keyfile r/w across all key formats
24Jun06 - added support for keyfiles protected by libgcrypt library
18Jun06 - added clarifications to licence relating to OpenSSL linkage
17Jun06 - added simple unit-testing mechanisms for internal routines
16Jun06 - added '--with-openssl' option to configure
14Jun06 - abstracted cipher functions to enable support for multiple crypto-libs
27May06 - added default cipher-algorithm variables to configure.ac
26May06 - patched bug relating to loopbacks on readonly devices
08May06 - *** cryptmount-1.0rc1 forked & released
07May06 - added testing of multiple quasi-simultaneous mounts to testing script
06May06 - added cmstatus file to store user-locks rather than chown() keyfiles
30Apr06 - added argv[0] switches to allow invocation via 'cryptumount' etc
28Apr06 - updated man-page and README to include easier keyfile generation
          added testing of --change-password to testing script
27Apr06 - added testing of --generate-key to testing script
23Apr06 - added password-changing facilities
          added user-friendly facility for generating new key-files
21Apr06 - added preliminary French message translations (.po file)
20Apr06 - added French versions of manual pages
16Apr06 - changed delegation and fsck to be enabled by default
          moved man-pages into separate sub-directory (to prepare to i18n)
14Apr06 - patched rpm .spec file to allow building by non-root user
------
08Apr06 - *** cryptmount-0.4 released
08Apr06 - added test for user/nouser flags
          adjusted man-page preprocessing to reflect fsck compilation-flag
07Apr06 - added 'flags' parameter to control privileged actions + auto-fsck
01Apr06 - added optional automatic fsck before mounting
24Mar06 - added optional delegation of (un)mounting to /bin/mount, /bin/umount
22Mar06 - created new fsutils.{h,c} & prepared fsoptions for mount-delegation
14Mar06 - added facility for unprotected (plain) decryption key
11Mar06 - added separate man-page for configuration file
          improved configure/Makefile expansion of @etcdir@ macro in man-pages
10Mar06 - changed output of --list to go to stdout rather than stderr
          added testing of --list and null-cmtab to testing script
------
05Mar06 - *** cryptmount-0.3 released
02Mar06 - added password-changing & fsck examples to man-page
28Feb06 - added debianization scripts
26Feb06 - added test for /etc/mtab updating to testing script
25Feb06 - added connection to syslog for mount/unmount/prepare/release actions
          neatened configure tests for openssl & libdevmapper
24Feb06 - patched to improve support for LARGEFILEs
22Feb06 - made testing-script more tolerant of miscompiled executable
17Feb06 - changed /etc/mtab entries to use full name of mounted device
          adjusted unmount/release modes to continue beyond unconfigured targets
11Feb06 - added facilities for multiple-targets & '--all' option on command-line
10Feb06 - added security checks on directory containing cmtab
------
02Feb06 - *** cryptmount-0.2 released
28Jan06 - added 'loop' parameter test to testing script
          improved syntax-error catching in cmtab
          added basic checks on security of target specification
23Jan06 - added 'loop' parameter to cmtab parser
          added basic checks on security of cmtab
22Jan06 - added rpm spec-file (based on version by Holger Mueller)
21Jan06 - added 'ivoffset' parameter to cmtab parser
          neatened delegation mechanisms for cmtab token-processing
          added cryptsetup-compatibility test to testing-script
20Jan06 - moved various security-related routines into new armour.{c,h}
15Jan06 - increased speed of startsector/numsector unit-test with new bingrep.c
14Jan06 - added 'startsector' & 'numsectors' parameters to cmtab parser
------
06Jan06 - *** cryptmount-0.1 released
04Jan06 - added more informative error-messages for (un)mount failures
25Dec05 - patched command-line options to prefer 'unmount' over 'umount'
          added option-synonym test to testing-script
23Dec05 - patched to ease compilation on FedoraCore-4 (+ kernel-2.4 headers)
22Dec05 - neatened usage examples in README & man-page
18Dec05 - added mechanisms for updating /etc/mtab on (un)mounting
------
16Dec05 - *** cryptmount-0.0.3 released
16Dec05 - allowed for automatic creation of device-nodes by libdevmapper
15Dec05 - added key-decryption failure detection
14Dec05 - patched bug in handling non-default keycipher & keyhash algorithms
12Dec05 - informative return-codes wired-in
          automatic testing script ("mudslinger") created
------
09Dec05 - *** cryptmount-0.0.2 released
06Dec05 - added basic man-page
          added locking mechanism to avoid unmounting by different user
04Dec05 - added facility for configuring devices without mounting
03Dec05 - config-files below ${sysconfdir}/cryptmount/
          improved error-handling & debris-removal on mount-failures
------
02Dec05 - *** cryptmount-0.0.1 released

# $Revision: 190 $, $Date: 2008-01-20 18:05:54 +0000 (Sun, 20 Jan 2008) $